US team develops un-hackable RFID chip

4th February 201612:03 pm4th February 201612:03 pm

With concerns growing over the ability of criminals to hack contactless technology, researchers at MIT and Texas Instruments have developed a new type of radio frequency identification (RFID) that they claim is almost un-hackable.

New RFID technology could secure credit cards, key cards, and pallets of goods

According to MIT student Chiraag Juvekar the chip is designed to prevent so-called side-channel attacks which analyse patterns of memory access or fluctuations in power usage when a device is performing a cryptographic operation, in order to extract its cryptographic key.

“The idea in a side-channel attack is that a given execution of the cryptographic algorithm only leaks a slight amount of information,” Juvekar said. “So you need to execute the cryptographic algorithm with the same secret many, many times to get enough leakage to extract a complete secret.”

One way to thwart side-channel attacks is to use a random number generator to regularly change secret keys, but such a system would still be vulnerable to a “power glitch” attack, in which the RFID chip’s power would be repeatedly cut right before it changed its secret key.

Power-glitch attacks have been used to circumvent limits on the number of incorrect password entries in password-protected devices, but RFID tags are particularly vulnerable to them, since they’re charged by tag readers and have no onboard power supplies.

Two design innovations allow the MIT researchers’ chip to thwart power-glitch attacks: an on-chip power supply whose connection to the chip circuitry would be virtually impossible to cut, and a set of “nonvolatile” memory cells that can store whatever data the chip is working on when it begins to lose power.

For both of these features, the researchers use ferroelectric crystals, which consist of molecules arranged into a regular three-dimensional lattice.

In every cell of the lattice, positive and negative charges naturally separate, producing electrical polarisation. The application of an electric field, however, can align the cells’ polarisation in either of two directions, which can represent the two possible values of a bit of information.

When the electric field is removed, the cells maintain their polarisation. Texas Instruments and other chip manufacturers have been using ferroelectric materials to produce nonvolatile memory, or computer memory that retains data when it’s powered off.

A ferroelectric crystal can also be thought of as a capacitor, an electrical component that separates charges and is characterised by the voltage between its negative and positive poles. Texas Instruments’ manufacturing process can produce ferroelectric cells with either of two voltages: 1.5 volts or 3.3 volts.

The researchers’ new chip uses a bank of 3.3-volt capacitors as an on-chip energy source. But it also features 571 1.5-volt cells that are discretely integrated into the chip’s circuitry. When the chip’s power source – the external scanner – is removed, the chip taps the 3.3-volt capacitors and completes as many operations as it can, then stores the data it’s working on in the 1.5-volt cells.

When power returns, before doing anything else the chip recharges the 3.3-volt capacitors, so that if it’s interrupted again, it will have enough power to store data. Then it resumes its previous computation. If that computation was an update of the secret key, it will complete the update before responding to a query from the scanner. Power-glitch attacks won’t work.

The group claims that the technology could prevent identity thieves from stealing credit card information, and prevent high-tech burglars from swiping expensive goods from warehouses and replacing them with dummy tags.

Some great thinking: I am reminded of the story about a future plane that was fully automated.
the passengers were directed to their seats, the doors were closed, take-off achieved and then a recording was played to re-assure passengers. It described the absolute secutity, and triple redundancy of every system, the fail-safe procedures, the flight time, serving of meals… and concluded: ” ….Indeed everything is so well designed that absolutely nothing can go wrong, go wrong, go wrong, go wrong….” until it crashed.

“however, can align the cells’ polarisation in either of two directions, which can represent the two possible values of a bit of information.” Many years ago, when such was still possible, I enjoyed a invitation to the cockpit on a flight to the USA (I had a family connection with the airline) The CEO of the airline was ‘Freddie…
I recall the pilots describing the fully ‘guided’ controlled navigation systems that could and did ‘fly’ the aircraft throughout the journey. Their actual (hoped) position was constantly displayed by on-board systems: but due to the fact that this had two possible parameters (because of some ‘glitch’ in the programming it might believe/show that the plane was on the completely opposite ‘side’ of our planet) it was part of procedures that the co-pilot was to occasionally look out of the window to make sure they were where the instruments said they were. I have to hope that modern systems are better?